Home/ Hospitality Technology/ Group items tagged DSS

agrie013

Hospitality Upgrade | Online Skimming Threatens Hospitality E-Commerce Sites - 0 views

  • Attacks against the hospitality industry to gain payment information continue. There is a growing threat to all e-commerce websites called Web-based or Online Skimming. These attacks infect e-commerce websites with malicious code, known as sniffers or JavaScript (JS) sniffers and are very difficult to detect. Once a website is infected, payment card information is “skimmed” during a transaction without the merchant or consumer being aware that the information has been compromised.
  • Today two industry cybersecurity organizations, PCI Security Standards Council (PCI SSC) and the Retail and Hospitality ISAC, joined forces to highlight this growing threat.
  • By exploiting vulnerable plugins, brute force login attempts (credential stuffing), phishing and other social engineering techniques, the hackers attempt to gain access and inject malicious code.  “These attacks are either directly into e-commerce websites or often into a third-party’s software libraries that merchants rely upon.  These service providers may not be aware of the risk they create for their customers if they are not focused on security and the potential threats targeting them
  • The ability to detect these threats before they can cause damage is significantly important. Examples of PCI DSS Requirements providing “detection” controls include: reviewing code in order to identify potential coding vulnerabilities (Req. 6); use of vulnerability security assessment tools to test web applications for vulnerabilities (Req. 6); audit logging and reviewing logs and security events for all system components to identify anomalies or suspicious activity (Req. 10); use of file-integrity monitoring or change-detection software (Req. 11); performing internal and external network vulnerability scans (Req. 11); performing periodic penetration testing to identify security weaknesses (Req. 11). Alerting on posts to newly observed domains in proxy logs can further provide additional avenues of detection for future phishing attacks as well as the initial reconnaissance phases of an attack on a third-party JavaScript library.
  •  
    This article goes into detail that attackers have targeted information that is acquired on websites such as credit card and other personal information. This writing does tell how PCI and Retail and Hospitality ISAC joined forces to help prevent such attacks from happening on these websites. Now PCI and ISAC are the standard when it comes to protecting information. These attacks are easily undetectable by these websites because they are only skimming for the information. This article does give tips for prevention and detection. PCI is the industry standard and by them teaming with ISAC it will make these websites and your information more safe.
cvera019

Tourism attracts new cyber security firm to Savannah | SavannahNow - 0 views

  • Johnson pointed to Savannah’s steady economic and employment growth, particularly in the hospitality/tourism, manufacturing, shipping and logistics, and business service sectors.
  • “Hotels and restaurants must protect their visiting customers’ data and maintain PCI-DSS compliance,” Johnson said. “You don’t want visitors to come and have their ID stolen.”
  • Threats to business data are constant, Johnson said. “Criminals are sophisticated,” Johnson said. “There is no way a company without dedicated resources can keep up.”
  • Johnson said his company has pulled logs that showed a system had been in breach for three years before the ransom demand.
  • All devices that use wifi are vulnerable to hacks.
  • Johnson said when most people think of data hacks or breaches, they think Equifax and Yahoo. “There are many more (you don’t hear about), ” Johnson said. “You know a hack can ruin a small business.”
  • “We have to be right 100 percent of the time,” Johnson said. “Hackers only have to be right once.”
  •  
    The EDTS company believes Savannah's economic and employment growth could attract hackers from obtaining personal information of tourists and visiting customers. Charles Johnson, the CEO of the company believes it is a duty for hotels/restaurants to provide data security for its customers. He believes that not only big companies such as Equifax and Yahoo are vulnerable to hacks, but also small businesses. He adds that when small businesses are hacked, they can be ruined. He stresses all kinds of outlets to protect their data before they have a major breach.
npate083

What you need to consider when choosing a new property management system - 0 views

  • An intuitive interface, as well as an easy-to-read dashboard, go a long way in encouraging employee adoption, reducing training time, and generally improving the working lives of yourself and your team
    • npate083
       
      PMS should be user-friendly so employees can adapt to it faster, reducing training time. It will also make the work easier for your team.
  • A great PMS is one that your team will want to use. Since “good” design is in the eye of the beholder, search for a System that balances functionality with an interface that makes sense to you.
  • GDPR-compliant personal data storage; PCI-DSS-compliant processing and card storage; geographic diversity of servers to reduce downtime risk; bank-level encryption of all data; controlled access to the physical area for any on-premise PMS servers
  • robust user access controls
    • npate083
       
      A good PMS system should also have systems in place to maintain guest privacy and payment security.
  • PMS that molds itself to your business,
  • The right PMS is the one that plays well with your existing tech stack. Without the necessary integrations, a PMS cannot perform its functions correctly.
  • One of the reasons why integrations are so important is that a poorly integrated PMS impedes proper reporting
  • All budget certainly matters, it shouldn't be the first criteria. I
  •  
    The article overall discussed the most necessary things one must observe when choosing a new PMS system. A PMS system must first and foremost be budget friendly. PMS system is the main software for a hotel so the cost is valued highly. Most companies would prefer a PMS system that is cost efficient. A PMS system also needs to be easy to use, it must be able to be handled by employees and easy to read and maneuver. The PMS system must also be secure and have controlled access. It also needs to be able to mold to the hotel's system.
irinadolgopolova

How to Prevent Malware Attacks and Promote Cybersecurity at Your Hotel - 0 views

  • Each time a hotel’s guest records get breached, the property is burdened with financial strain and faces broken trust with guests. As a hotelier, you don’t need to be an expert in cybersecurity, but you absolutely need to understand the basics to protect your business and your guests.
  • hotels process lots of transactions and store tons of guest data. A hacker can simultaneously target a property’s point-of-sale and property management system to capture payment card information as well as personal data, like passport numbers and email addresses.
  • Research from Symantec, a cybersecurity firm, found that more than 65% of hotels are routinely leaking booking reference codes through third-party sites. Why is this important? Because the information shared through these codes would allow a bad actor to login to a reservation, view personal details, and even cancel a booking altogether. When this happens, your guest information is vulnerable and you risk destroying the guest relationship.
  • Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) not only helps to ensure that data security software, hardware, and practices are safer, but also helps to protect against fines and penalties when a breach occurs,
  • The right technology is only half the equation; over the years, security experts have also identified employees as part of the problem. Hotels must train their staff to handle personal information security, comply with privacy policies, and change user access credentials regularly.
  • Even with a great PMS/POS system and the right training, it’s important to perform routine penetration testing and risk assessments. There’s no straightforward answer as to how often you should pen test your network, but experts warn once a year probably isn’t frequently enough
  •  
    The article is about the reasons why the hotels are attractive for hackers, the author also explains the key concepts in the cyber security. Then, the biggest cyber attacks in hotel industry are described in the article. At the end, the author tells us how hoteliers can improve the security measures.
rhoff019

Digitizing The Menu: 8 North Broadway Takes The First Step | Rockland County Business J... - 0 views

  • “We see more people ordering a second, and a third glass of wine,”
  • “We’re also seeing a 10% uptick in dessert orders.” Which makes sense – it’s hard to resist a dessert that’s staring back at you from a digital tablet.
  • eMenu International, which manages menus and wine lists in restaurants in 15 countries worldwide, says customers have seen increase in their average check from approximately 3% to 9% since implementing the digital menu to their operations.
  • And a patron is more likely to be drawn into a fuller description of a wine or spirit rather than by a line or two on a menu.
  • Restaurants using the full capacity of e-menus, particularly fast-casual establishments that connect to the POS (point of service) system, enable customers to choose their food and drink, place an order and pay.
  • Restaurants can customize e-menus and updates with a click of a button. Another feature of e-menus are multiple language options. Restaurants with tourists are able to view the menu in their native language.
  • it’s time-effective to put wines and desserts on an e-menu because the selection is changed up less frequently than the food, for example, which can change daily.
  • A restaurant can use e-menus to feature and promote private rooms, catering packages, special events such as sports games, bands and more.
  • Or, the e-menu can be used to promote a sister, or a chain of restaurants.
  • we’ve reconsidered that because the human touch is so important in the dining experience
  • Issues of concern include credit card security. Until and unless the transactions (bill payments) are PCI-DSS compliant, a customer’s credit / debit card data is at stake. A customer drops the tablet on the floor by mistake and the screen breaks. Who fixes it? Or replaces it? The 8 North Broadway chef says his tablets are guaranteed for wear and tear. And there’s theft.
  •  
    eMenu systems can cause customers to order more when they see images and descriptions on a tablet. There has been an average of a 6% increase in checks in restaurants that utilize digital menus. It can also save the restaurant money to use this system instead of printing new menus. eMenu systems can be customized to promote whatever the restaurant wants to promote. These menus can also be translated so guests can read the menu in their native language, a feature which would be useful in a city such as Miami.
nashalsiddiqi

PCI What? | Column | Hospitality Magazine (HT) - 1 views

  • I asked politely if the hotel was compliant with PCI Standards. "PC what?" she asked with a friendly smile.
  • PCI DSS, a business or organization should be able to assure its customers that their credit card data, account information and transaction information is safe from hackers or any malicious system intrusion (www.pcicomplianceguide.org). This includes physical copies of consumers' credit card information.
  • Extra attention should be paid to any wireless transactions. Wireless technology is considered the least secure by the PCI Council. Therefore, wireless hospitality applications that carry credit card information such as a wireless point of sale terminal should be evaluated very carefully
liz649

Bed & Breakfast Management Software | Little Hotelier - 0 views

  • higher expectations when it comes to service and accommodation standards.
  • more convenient to analyse performance and determine important business decisions.
  • ‘self-start’
  • channel manage
  • booking engine
  • arn more bookings and revenue.
  • support available 24/7,
  • designs their software with small accommodation businesses
  • issues you have can be solved as quickly as possible
  • understand your goals
  • stay PCI-DSS and PSD2 SCA compliant to protect your small property from fraud and avoid online risks.
  • Make sure you’re free to cancel anytime.
  • Stay connected to your guests throughout their stay
  • Manage important daily tasks straight from your smartphone or tablet
  • enables you to manage your property online. It can include many different features such as a front desk system, booking engine, channel manager, payments solution, and more.
  • payment information is in one place
  • command centre where you can see all your bookings from every booking source in one central calendar.
  • ed and
  • breakfast software is a tool that
  • centralising all the crucial aspects of your property’s operations
  • n keep everything all in one place and make changes at the click of a button
  • nformation you need to view or analyse
  • generated automatically and is easily accessible.
  • simplifying the day-to-day operations of your business
  • more control over your business, leading to better decisions and greater profits.
  • easily control all the vital parts of reservation management
  • add more value to your business.
  • increase upsell opportunities and further enhance guest experience
  •  
    The article discusses what a bed and breakfast system is and how it is beneficial for the bed and breakfast to have a PMS system. If the owner would like to live their life and not be behind the desk they need the bed and breakfast system. The owner is able to have all the functions of their bed and breakfast at their fingertips and make any changes from their phone or tablet.
llibe010

The Top Five Cyberthreats Hotel Brands and Franchisees Need to Know About | Netsurion - 0 views

  • ay for guests, it also opens hotels to digital threats perpetrated by malicious actors. Consequently, hotel operators should be aware of the types of cyber attacks, which can significantly hurt their brand reputation and bottom line, not to mention the safety and welfare of employees and guests.
  • In January, for example, cyber criminals took over a luxurious Austrian hotel’s computer-controlled key-card system, locking 180 guests out of their rooms until hotel managers paid a nominal ransom
  • A ransomware attack may disable or alter performance of hotels’ computer-driven systems such as air conditioning and lighting, putting guests’ comfort and, worse yet, safety at risk. In addition, booking systems are extremely vulnerable to ransomware attacks because they process information belonging to the hotels, third-party applications and their customers.
  • 1. Ransomware:
  • hey present further ransomware opportunities to hackers by using computers to automate functions.
  • distributed denial of service, or DDoS
  • One of the largest data breaches in history was conducted through a third-party vendor when hackers stole data from 70 million credit cards by gaining access to a mega-retailer’s network through credentials belonging to an HVAC contractor.
  • 3. Phishing scam targeting customers and hotels:
  • 4. DDoS attacks on the hotel network:
  • 2. Remote hacking through third-party vendors:
  • 5. Theft of personal information over public Wi-Fi.
  • Statistics indicate that such incidents will become more frequent, so it is not a matter of if but when the next cyber attack will occur.
  • Integrate a managed SIEM. Hotels should bring on a managed security information and event management (SIEM) platform for their remote locations to be warned right away of cyber attacks. They may also want it for inside the perimeter if they lack the expertise and resources to properly use SIEM internally.
  • Maintain PCI compliance. The Payment Card Industry Security Standards Council (PCI SSC) has put forth a set of stipulations, the Payment Card Industry Data Security Standard (PCI DSS), in response to rapid PCI expansion. Hotels should make sure they are compliant with these regulations, which require businesses to send credit-card information in a secure environment, to prevent paying heavy fines and losing data, revenue, and customer trust.
  • Install antivirus on all devices. Hotels should ensure they have reliable anti-virus and anti-malware software installe
  • Train employees. Hotels should train employees to not open suspicious emails or links inside them as they may contain malware.
  • According to the FBI, the number of cyber threat occurrences quadrupled to 4,000 per day last year from 1,000 per day in 2015
  • In addition, there are large volumes of payment card transactions between restaurants, on-site shops, spas, parking, and the front-desk, ensuring there is plenty of customer data for a hacker to compromise.
  • The number of cybersecurity incidents worldwide increased 38 percent in 2015 from 2014, according to the Global State of Information Security Survey 2016 by PwC, CIO, and CSO.
  • Hotels are especially vulnerable to this type of attack where a type of malware disrupts access to a system until a ransom is paid. This is because they often use integrated POS systems
  • Hackers can break into hotels’ payment systems through a remote access point belonging to one of its vendors, so they should closely monitor third-party access to their networks
  •  
    This article outlines some of the main cyber attacks on the Hospitality industry. It exposes the threats due to the wealth of data stored in PMS, POS and CRM and suggests steps to take to protect against malware and ransomware. The article further highlights the necessity for antivirus software on all devices.
  •  
    The article describes the five most common cybersecurity risks for hotel brands such as ransomware, remote hacking and DDoS attacks. The operational elements of each risk have also been discussed. It also covers best practices that hotels and other hospitality organizations can adopt to curb breaches.
mmdmd99999

PCI Compliance: What Every Hotelier Should Know and Do | hospitalityupgrade.com - 0 views

  • Payment Card Industry Data Security Standard (PCI DSS) compliance has become a very important consideration for hotels.  Some hotels are not in compliance and don’t even know it.  There are significant penalties associated with non compliance including lawsuits, audits, fines and even losing the ability to process credit card payments.
  • PCI compliance is about network and computer security
  • such as securing paper documents, proper shredding of documents and document retention
  • Network segmentation and the use of firewalls is very important.  No email or Web surfing should be done on the secure side of a network.
  • “How to be compliant,” that has additional links to each credit card brand.
  • There are levels of merchant compliance. A level 1 merchant processes more than 6 million transactions annually. This level requires an annual onsite security audit and quarterly network scans. Level 2 merchants process between 1 million and 6 million credit card transactions annually. This level requires an annual self assessment and quarterly network scans. Level 3 merchants process between 20,000 and 1 million e-commerce transactions annually and have the same compliance requirements as level 2. Level 4 merchants process fewer than 20,000 e-commerce transactions a year and require annual self assessments and network scans. Data security breaches can cost a hotel an average of $182 per compromised record. This does not include the cost of defending a lawsuit, if one is brought, or fines for non-compliance from individual credit card brands.
  •  
    PCI compliance, what is it, how to make sure you are compliant, why do we care?
djohn304

Adoption_of_Cloud_Computing_002_.pdf - 0 views

shared by djohn304 on 30 Aug 22 - No Cached
  • The core requirements for a hotel to be successful were to be affiliated to a hotel group and to have a good quality product in terms of rooms and facilities before the age of computer networks and cloud services
  • offering comfortable home-like environment
  • data about customer habits, desires and preferences
  • This is key to the success of a hotel group in a market where 1) mobile booking on travel websites are increasing at a faster rate (20% annually) than desktop bookings (2% annually), 2) 21% of bookings are originating from smart phones and tablets, and 3) 12% of mobile bookings are implemented by Apps
  • Cloud computing has been used for tourism management, for example to rank popular tourism destinations in cities
  • Cloud computing is a technology that allows the provision and utilization of resources over the internet in lieu of installations on a desktop computer
  • cloud computing definition: Private, Public, Community and Hybrid clouds.
  • After the 2008 recession, when lowering costs was a key objective for hotels, PAR Springer-Miller, introduced ATRIO as the Next Generation Hospitality Management Software 3 into the market.
  • The cloud related challenges that have stood out from the hotel groups responses were a) the increase in Opex (OPerating EXpense), b) restricted access to the environments and c) concerns about information security.
  • how a Quality of Service (QoS) ranking mechanism enables cloud applications such as airline ticketing systems, hotel booking services and car rental services to interact with each other to deliver services to their customers.
  • OPERA property management system cloud application in over 850 of their hotels. The hotel management system is no longer maintained on the hotel premises and storage of their data is outsourced (MICROS Systems Inc., 2013).
  • InterContinental Hotels Group were able to eliminate hardware infrastructure costs and centralize management activities such as updating prices, at the touch of a button across sixty one of their UK properties by adopting a cloud solution for their restaurant point of sale systems called SIMPHONY
  • Cloud computing is the only way forward for hospitality.
  • The distribution of the usage of cloud information system (IS) or on-premise IS in the studied hotel groups shows that the majority of IS used by hotel groups were running on the cloud, and that the smallest (in terms of number of rooms) hotel groups' (group 2) level of cloud adoption is equivalent to that of the largest (group 4).
  • The most common two benefits identified are: 1) solving the problem of lack of hardware on site, and 2) transferring the risk relating to security and PCI / PA-DSS requirements to the cloud service suppliers.
  • traditional telephone system to a cloud based VoIP solution which is integrated to their SaaS hotel management system solution provided by Protel (16).
  • Alternatively, it could be due to the change in process experienced by IT Managers and now having to depend on a third party for issues which previously could be quickly checked and resolved with servers being on site.
  • The challenge which received the highest average rank (12.38 points) by the participants was the Dependency on bandwidth whilst that of least significance was the issue of Software licensing (3.38 points)
  •  
    This article investigates the adoption of cloud computing in the hospitality industry across the world. While identifying the benefits and challenges of this system, the findings suggest that cloud computing is utilized in hotel groups today, more often than not. The article is not an opinion piece but rather an investigation searching for evidence to support the theory that cloud computing is growing in the hospitality industry. It bases its arguments from the observances that in order to operate a hotel group on today's scale, you have to be willing to fall in line with the trends of today- technology + convenience. It also is described how operating systems that streamline property management in terms of reservations, billing, ticketing, etc aren't exactly inventions of right now, but have been developed and corrected more and more as time has gone on and necessity has demanded of them. Four hotel groups, across 2-3 regions were involved in the study where participants were all senior IT directors and managers, across hotels with varying levels of rooms. What they ultimately found was that majority of the information systems used by these hotel groups were based on the cloud system. When the benefits and challenges were surveyed, it was found that the most common reason groups were utilizing this system was relieving the site from not having certain hardware to perform certain functions, and transferring security related risks to the system suppliers instead of the hotel. However, challenges noted were that operating expenses increased, the on site IT leaders don't have access to the environment the hardware lives in, and information security concerns. Working with a cloud computing system daily, I thoroughly understand and appreciate the benefits of having one streamlined service for guest logistics. It creates multiple levels of ease for all aspects of the organization as well as the wider hotel group.
For operations that span across the globe, there probably i